
Senior Manager β Application Security Engineering
Posted 2 days ago

Posted 2 days ago
This is a fully remote position, open to applicants in Connecticut, +4 more states.
β’ Spearhead the design, implementation, and governance of enterprise application security initiatives, secure development standards, and software supply chain security practices.
β’ Define security requirements, establish security definitions of done, create launch readiness criteria, and implement automated controls that facilitate secure software delivery across cloud-native, hybrid, and legacy environments.
β’ Promote the adoption of secure coding practices and developer-centric security capabilities throughout enterprise engineering teams.
β’ Manage the complete vulnerability management lifecycle, encompassing identification, prioritization, remediation, exception management, validation, and reporting.
β’ Develop operational metrics, service level objectives, governance processes, and executive reporting mechanisms that foster accountability and measurable risk reduction.
β’ Lead enterprise response initiatives for critical and zero-day vulnerabilities, including risk assessment, stakeholder communication, remediation coordination, and executive reporting.
β’ Encourage the adoption of modern security technologies and DevSecOps capabilities, such as SAST, SCA, container security, secrets management, software bill of materials (SBOM), and software supply chain security solutions.
β’ Oversee the automation of security controls within CI/CD pipelines to enhance operational efficiency, strengthen risk mitigation, and expedite secure software delivery.
β’ Evaluate, implement, and optimize application security, cloud security, and software supply chain security technologies within on-premises, cloud, and hybrid environments.
β’ Investigate and adopt emerging technologies, including AI-driven security and developer productivity solutions, that enhance security outcomes and operational efficiency.
β’ Lead and nurture a high-performing team of security professionals, promoting a culture of technical excellence, accountability, innovation, and continuous improvement.
β’ Build and scale security programs that encourage developer adoption, self-service security capabilities, and DevSecOps maturity within enterprise engineering teams.
β’ A minimum of 7 years of experience in developing, implementing, and managing enterprise security technologies across Application Security, Container Security, Data Security, Infrastructure Security, or similar cybersecurity domains.
β’ At least 7 years of experience directing security programs and initiatives from initial design and implementation through to operationalization and ongoing improvement in enterprise environments.
β’ Over 5 years of experience securing cloud-native and modern application environments using AWS, Azure, or GCP, including containers, Kubernetes, Infrastructure-as-Code (IaC), and Security-as-Code methodologies.
β’ More than 5 years of experience supporting secure software development lifecycle (SDLC) programs, vulnerability management, security testing, regulatory compliance, and enterprise application portfolios.
β’ A minimum of 4 years of experience with application security technologies such as SAST, SCA, CVA, mobile application security testing, secrets scanning, software supply chain security, and developer enablement initiatives.
β’ At least 2 years of experience leading, mentoring, managing, and developing teams in security engineering, application security, vulnerability management, or cybersecurity.
β’ Medical, dental, and vision coverage
β’ Paid time off
β’ Retirement savings options
β’ Wellness programs
β’ Comprehensive benefits package
Switzerland Global Enterprise
Xylem
DISHER
Umdasch Group
Get handpicked remote jobs straight to your inbox weekly.